package common;

import java.io.IOException;
import java.sql.ResultSet;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.jm.utils.StringHelper;

public class JspFilter extends HttpServlet implements Filter {
	private static final long serialVersionUID = -5309324112933644327L;
	private FilterConfig filterConfig;
    //Handle the passed-in FilterConfig
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    //Process the request/response pair
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
       
        try {
            request.setCharacterEncoding("UTF-8");
        } catch (IOException iox) {
            filterConfig.getServletContext().log(iox.getMessage());
        }
        
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;
        HttpSession session = req.getSession();
        com.jm.utils.Utils utils = new com.jm.utils.Utils(req);
        
        String sql = null;
        ResultSet rs = null;
        
        String staffId = (String) session.getAttribute("staffId");
        staffId = (staffId == null) ? "" : staffId;
        
        String uid = utils.getStringParam("uid");
        String pwd = utils.getStringParam("pwd");
        String url = req.getRequestURL().toString();
        
        try {
        	if (utils.getStringParam("sub").equals("OK") && uid.length() != 0 && !staffId.equalsIgnoreCase(uid)) {        		
        		sql = "select * from pan..pan001  where enab =1 and userid = '"+uid+"' and pwd = '"+pwd+"'";
        		utils.prepareStatement("pan", sql);
        		rs = utils.executeQuery();
        	}
            if (rs != null && rs.next()) {
                session.setAttribute("userId", utils.getRsString(rs, "userId"));
                session.setAttribute("chname", utils.getRsString(rs, "chname"));
                session.setAttribute("email", utils.getRsString(rs, "email"));
                session.setAttribute("uitype", utils.getRsString(rs, "uitype"));
            }
            
	        String sessionUserId = (String) session.getAttribute("userId");
	        
	        if (!StringHelper.IsNullOrEmpty(sessionUserId)){
	        	 if ((req.getContextPath() + "/login.jsp").equals(req.getRequestURI())
	        			 || (req.getContextPath() + "/").equals(req.getRequestURI())) {
	             	req.getRequestDispatcher("/home.jsp").forward(req, res);
	        	 }else{
	        		 chain.doFilter(request, response);
	        	 }
	        }else {
	            req.getRequestDispatcher("/login.jsp").forward(req, res);
	        }
	        
        } catch (Exception e) {
        	e.printStackTrace();
            filterConfig.getServletContext().log(e.getMessage());
        } finally {
        	utils.cleanUp();
        }
    }

    public void destroy() {}
}
